Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-08-2016 01
Uruchomiony przez b0635940 (2016-08-17 09:13:16)
Uruchomiony z C:\FRST\FRST-OlderVersion
Windows 7 Enterprise Service Pack 1 (X64) (2014-07-14 07:34:05)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Random&%1 (S-1-5-21-1894956136-1299320784-90857559-501 - Limited - Disabled)
secmaster (S-1-5-21-1894956136-1299320784-90857559-500 - Administrator - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: System Center Endpoint Protection (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: System Center Endpoint Protection (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActivClient x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\{316462DB-82C6-4856-BA1F-2FDFDC08799F}) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AskForPhone-60-EN-003 (HKLM-x32\...\{F5C71F47-8BB5-4874-8A95-0FC8CE1B9206}) (Version: 6.01.0003 - ING Group)
BMC BladeLogic Server Automation Console (HKLM-x32\...\Server Automation Console) (Version: 8.7.00.239 - BMC Software, Inc.)
BMC BladeLogic Server Automation Console 8.3.00.115 (HKLM\...\Server Automation Console  1) (Version: 8.3.00.115 - BMC Software)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{A12CCE47-ED2B-4FCE-B945-55173A7E0971}) (Version: 4.2.03013 - Cisco Systems, Inc.)
Cisco AnyConnect Network Access Manager (HKLM-x32\...\{E3F02D30-77A4-40F8-8ECA-A485716A9EB8}) (Version: 4.2.03013 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.03013 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.03013 - Cisco Systems, Inc.) Hidden
Cisco Jabber (HKLM-x32\...\{F24C7016-E780-4ECA-820E-37AF59EE6B4A}) (Version: 11.1.2.24949 - Cisco Systems, Inc)
Cisco WebEx Meeting Center for Internet Explorer (HKLM-x32\...\{3EFE837C-A05E-49EA-81D7-3A167FA8858F}) (Version: 28.9.0.15980 - Cisco WebEx LLC)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
Client Security - Password Manager (HKLM\...\{3FD730D4-755F-439B-8082-B55E00924A44}) (Version: 8.30.0057.00 - Lenovo Group Limited)
Configuration Manager Client (Version: 5.00.8239.1000 - Microsoft Corporation) Hidden
CONTROL-M/Enterprise Manager 6.4.01 (Default) (HKLM-x32\...\CONTROL-M/Enterprise Manager 6.4.01 (Default)) (Version: 6.4.01 - BMC Software)
CONTROL-M/Enterprise Manager 6.4.01 Fix Pack 6 (Default) (HKLM-x32\...\CONTROL-M/Enterprise Manager 6.4.01 Fix Pack 6 (Default)) (Version: 6.4.01.600 - BMC Software)
Control-M/Enterprise Manager 8.0.00 (Default) (HKLM\...\Control-M/Enterprise Manager 8.0.00) (Version:  - BMC Software, Inc.)
Control-M/Enterprise Manager 8.0.00 Fix Pack 2 (Default) (HKLM-x32\...\Control-M/Enterprise Manager 8.0.00 Fix Pack 2 (Default)) (Version: 8.0.00.200 - BMC Software)
cwbnethlp (x32 Version: 1.00.0000 - Your Company Name) Hidden
Device Installer x64 (HKLM\...\{975A66D8-956F-4A6D-9635-6DF86ACBBCF3}) (Version: 2.3 - ActivIdentity)
DIMENSIONSCLIENT-2009R210-EN-350 (HKLM-x32\...\{3D9D519A-ABF8-4ADD-ADFF-7EF2CFE78D25}) (Version: 5.0 - Publisher)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
GlobalProtect (HKLM\...\{86E9BFDD-8499-4ED3-82C4-17C1FDCFE6F3}) (Version: 2.3.3 - Palo Alto Networks)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP SNMP Proxy_64 (HKLM\...\{F8921379-AAA4-4061-B2BF-958E2B4828F1}) (Version: 3.2.6.56 - Hewlett-Packard, USA)
IBM i Access for Windows 7.1 (HKLM\...\{31E11496-1F84-4DCC-B07A-369B40B8B4A7}) (Version: 07.01.1000 - IBM)
IBM i Access for Windows MRI (x32 Version: 07.01.0000 - IBM) Hidden
Inst5676 (Version: 8.01.00 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01 - Lenovo)
Lenovo Fingerprint Manager Pro (Version: 8.01 - Lenovo) Hidden
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
MDOP MBAM (HKLM\...\{A3785106-A919-4E7A-9D83-C56236655366}) (Version: 0.3.1137.1 - Microsoft Corporation)
Micro Focus InfoConnect Desktop Pro for Unisys Evaluation (HKLM-x32\...\InfoconnectUX_Eval) (Version: 16.0.0001 Update 1 - Micro Focus)
Micro Focus InfoConnect Desktop Pro for Unisys Evaluation (x32 Version: 16.0.0001 - Micro Focus) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Application Virtualization Desktop Client (HKLM\...\{342C9BB8-65A0-46DE-AB7A-8031E151AF69}) (Version: 4.6.1.20870 - Microsoft Corporation)
Microsoft Application Virtualization Desktop Client (HKLM-x32\...\{342C9BB8-65A0-46DE-AB7A-8031E151AF69}) (Version: 4.6.1.20870 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Polish/Polski (HKLM-x32\...\Office14.OMUI.pl-pl) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Polish/Polski (HKLM-x32\...\Office15.OMUI.pl-pl) (Version: 15.0.4433.1507 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Project Standard 2013 (HKLM-x32\...\Office15.PRJSTD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM-x32\...\Office15.SharePointDesigner) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visio Standard 2013 (HKLM-x32\...\Office15.VISSTD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Viewer 2013 (HKLM-x32\...\{95150000-0052-0415-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.7.3 - Ericsson AB)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NetworkGuard (HKLM-x32\...\{82D5A23B-9B0D-47C9-BD20-3EF5935CB40E}) (Version: 1.0.2 - Microsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 7.12.23 - )
Online Plug-in (x32 Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.1.0 - Frank Heindörfer, Philip Chinery)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.2 - Lenovo Group Limited)
PuTTY release 0.64 (HKLM-x32\...\PuTTY_is1) (Version: 0.64 - Simon Tatham)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Self-service Plug-in (x32 Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0017-0000-0000-0000000FF1CE}_Office15.SharePointDesigner_{0ED32FD9-24E7-4F6F-A036-E50313B3799A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0415-0000-0000000FF1CE}_Office14.OMUI.pl-pl_{11B0F533-C8CF-420C-A43C-C7F93773CA62}) (Version:  - Microsoft)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.9.219.0 - Microsoft Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.12.60 - )
Validity WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.240.0 - )
Validity WBF DDK 5011 (HKLM\...\{FF5E324F-1FFF-49D4-8F71-0D25EDF12764}) (Version: 4.5.240.0 - Validity Sensors, Inc.)
wePresent WiPG-1000 (HKLM-x32\...\wePresent WiPG-1000_is1) (Version: 1.2.4.3 - AWIND Inc)
Windows Firewall Configuration Provider (HKLM\...\{109A5A16-E09E-4B82-A784-D1780F1190D6}) (Version: 1.2.3412.0 - Microsoft Corporation)
WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7.3 (HKLM-x32\...\winscp3_is1) (Version: 5.7.3 - Martin Prikryl)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1538ACE8-8F97-4E3D-8FB8-1E8B0700CB31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-03] (Adobe Systems Incorporated)
Task: {1F7D17B7-1A24-415E-94B5-3DD3145FEAFC} - System32\Tasks\BGINFO => C:\Program Files\BgInfo\Bginfo.exe [2014-01-23] (Sysinternals)
Task: {2690E24D-3FAA-4DA2-A999-CB315CDF37D9} - System32\Tasks\{68096D73-F096-491E-99EE-D32E0E22A1C3} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.25.0.106/pl/abandoninstall?page=tsProgressBar
Task: {4EAED140-1FD3-4AAF-8560-D8394F6A4BA7} - System32\Tasks\NetworkGuardFix => net [Argument = start networkguard]
Task: {6056491D-24F8-42FA-8486-82F5333033C5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)]
Task: {69292AAC-3E5A-463E-ACBA-83919D42EFED} - System32\Tasks\Bitlocker-Encryption => powershell.exe -ExecutionPolicy Bypass -command  "&amp; {$zmienna = gwmi -Namespace "root/CIMV2/Security/MicrosoftVolumeEncryption" -Class Win32_EncryptableVolume | where {$_.DriveLetter -eq 'C:'}; New-EventLog -LogName System -Source Bitlocker-Enc -ErrorAction SilentlyContinue;Write-EventLog –LogName System –Sour (dane wartości zawierają 783 znaków więcej).
Task: {6CB26ACD-A878-4EA4-9B22-E7243A62F4A5} - System32\Tasks\{9B4B3B6B-C47C-4EC0-9B93-C10125AA605C} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.25.0.106/pl/abandoninstall?page=tsProgressBar
Task: {8B0F4351-55C5-4535-97B3-158B1E730F9F} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2015-04-14] (Microsoft Corporation)
Task: {981D2CFE-F50A-4955-A69D-1B956FABCEA5} - System32\Tasks\b0635940GamesterSpadicesV2 => Rundll32.exe NutletJuridic.dll,main 7 1 <==== UWAGA
Task: {ADAA8E22-E2AD-471E-A2A1-823D7D9BDF93} - System32\Tasks\BitLockerBackup => Cscript.exe //nologo bitlockeradbackup.vbs
Task: {B47A9E66-C64E-4FEE-BA33-BBFBC3BFA9BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {B88F3A34-8C1E-464D-9C23-2A6BDA626E1F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec [Argument = /StartRecording]
Task: {BBD2D60F-606B-4D8D-9AED-134170939173} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E045E9F9-3704-4519-9D46-CFAC4943FC17} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E11A3636-6F23-450D-8B18-068214EB9691} - System32\Tasks\MonitorSerialNumber => Cscript.exe //nologo GetMonitorInfo.vbs
Task: {E3A6614A-3E72-4B94-86FE-4943FFB60EFE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording]
Task: {E4DBF73F-F5B2-4240-A2B6-97F1AD383BF7} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection
Task: {EB556951-860B-47CC-988B-7D7526B44F3E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-11-14] (Lenovo Group Limited)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

==================== Załadowane moduły (filtrowane) ==============

2013-11-01 20:41 - 2013-11-01 20:41 - 00109568 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\cachesrvr.exe
2013-11-01 20:48 - 2013-11-01 20:48 - 00627200 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\cachedrv.dll
2013-11-01 20:40 - 2013-11-01 20:40 - 00035328 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\ssplogon.dll
2013-11-01 20:40 - 2013-11-01 20:40 - 00055296 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\RandomPass.dll
2013-11-01 20:40 - 2013-11-01 20:40 - 00021504 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\cryptodll.dll
2013-11-01 20:55 - 2013-11-01 20:55 - 00250256 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\mstrpwd.dll
2014-02-14 03:17 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-08-16 08:46 - 2014-11-14 07:07 - 00105472 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2013-11-01 20:45 - 2013-11-01 20:45 - 00014848 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\vchannel.dll
2016-03-25 06:54 - 2016-03-25 06:54 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-03-25 06:38 - 2016-03-25 06:38 - 00720896 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\libxml2.dll
2014-07-14 09:44 - 2011-07-13 11:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2014-05-21 12:23 - 2014-05-21 12:23 - 00022696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\lynchtmlconvpxy.dll
2014-07-14 09:40 - 2013-09-03 16:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-10-01 20:32 - 2012-10-01 20:32 - 00321136 _____ () C:\Program Files (x86)\Microsoft Office\Office15\msfad.dll

==================== Alternate Data Streams (filtrowane) =========

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-1463549253-2724516119-1591476449-153512\...\google.pl -> hxxps://www.google.pl

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-1463549253-2724516119-1591476449-153512\Control Panel\Desktop\\Wallpaper -> C:\Users\b0635940\AppData\Local\Temp\BGInfo.bmp
DNS Servers: 10.111.222.35 - 10.111.222.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja wyłączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{DC9A991D-4268-4DA6-9666-81D106194A7E}] => (Allow) C:\Program Files (x86)\wePresent WiPG-1000\wePresent WiPG-1000.exe
FirewallRules: [{7BE36360-A54B-4268-AD43-DD5729C6AD73}] => (Allow) C:\Program Files (x86)\wePresent WiPG-1000\wePresent WiPG-1000.exe
FirewallRules: [{B16995E4-5091-4DA1-88C6-0032D2659647}] => (Allow) C:\Program Files (x86)\wePresent WiPG-1000\SidePadLite.exe
FirewallRules: [{11D790ED-DB81-4E04-96F9-3CDF579A9D0B}] => (Allow) C:\Program Files (x86)\wePresent WiPG-1000\SidePadLite.exe
FirewallRules: [TCP Query User{FFCF930D-CA12-4908-866F-06C1367BEC34}C:\program files\bmc software\control-m em 8.0.00\default\bin\emwa.exe] => (Allow) C:\program files\bmc software\control-m em 8.0.00\default\bin\emwa.exe
FirewallRules: [UDP Query User{2E84EDF8-9B82-458B-B0A0-C5E91FA37506}C:\program files\bmc software\control-m em 8.0.00\default\bin\emwa.exe] => (Allow) C:\program files\bmc software\control-m em 8.0.00\default\bin\emwa.exe
FirewallRules: [TCP Query User{FB98EC08-34E0-49AF-9522-31002A0B9549}C:\program files (x86)\bmc software\control-m em 6.4.01\default\bin\emgui.exe] => (Allow) C:\program files (x86)\bmc software\control-m em 6.4.01\default\bin\emgui.exe
FirewallRules: [UDP Query User{6788410B-EF99-42AE-9ABC-D93172BFDE96}C:\program files (x86)\bmc software\control-m em 6.4.01\default\bin\emgui.exe] => (Allow) C:\program files (x86)\bmc software\control-m em 6.4.01\default\bin\emgui.exe
FirewallRules: [{6E4C41D3-FE87-4C38-B301-414A647BD10F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1240A523-9A8B-4E5E-B093-9F78850225F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{47275538-5283-4C4F-9C3D-05D908F09D37}] => (Allow) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe
FirewallRules: [{B1463A62-56FF-4EAD-BC5E-D1A6E3FAC8AD}] => (Allow) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\wbxcOIEx.exe
FirewallRules: [{0B5EB1CF-D163-40A5-8B39-B7A0F17F8FC8}] => (Allow) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\x64\wbxcOIEx64.exe
FirewallRules: [{26702D5F-A7CD-4998-805D-1E5B4FC8255E}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe
FirewallRules: [{FCB4057D-2B0B-42D6-A8E4-BA395E39CA79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED9E7169-70D2-42D4-BDCC-8B65C0B107E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{F578E840-E780-41CD-A5AF-91206CF249FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB5AF0BA-25B2-49EB-93DE-35844DF5EDCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A32A6332-B514-4A7B-9529-58C2366B00EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A5AC400C-398F-4C26-83E6-4078B292915C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9CFBD1A9-DE40-4AD2-9524-94367809BA64}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{96E08612-1195-4DB5-8103-28A248AB07B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B0D56A28-41D0-4DC6-AE8F-D0D06D8F8E2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B4B39F79-E931-41B0-ADA8-618FE6F33CAF}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe

==================== Punkty Przywracania systemu =========================

17-08-2016 00:17:07 Zaplanowany punkt kontrolny

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (08/17/2016 09:01:07 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: system lokalny0x800706baSerwer RPC jest niedostępny.

Error: (08/17/2016 09:01:07 AM) (Source: CertEnroll) (EventID: 13) (User: ZARZĄDZANIE NT)
Description: System lokalnyComputerautoenrollNGpkiintracs.pl.ing-ad\ING BSK Intranet CA NGN/ASerwer RPC jest niedostępny. 0x800706ba (WIN32: 1722)

Error: (08/17/2016 07:13:58 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: system lokalny0x800706baSerwer RPC jest niedostępny.

Error: (08/17/2016 07:13:58 AM) (Source: CertEnroll) (EventID: 13) (User: ZARZĄDZANIE NT)
Description: System lokalnyComputerautoenrollNGpkiintracs.pl.ing-ad\ING BSK Intranet CA NGN/ASerwer RPC jest niedostępny. 0x800706ba (WIN32: 1722)

Error: (08/17/2016 07:07:39 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: system lokalny0x800706baSerwer RPC jest niedostępny.

Error: (08/17/2016 07:07:39 AM) (Source: CertEnroll) (EventID: 13) (User: ZARZĄDZANIE NT)
Description: System lokalnyComputerautoenrollNGpkiintracs.pl.ing-ad\ING BSK Intranet CA NGN/ASerwer RPC jest niedostępny. 0x800706ba (WIN32: 1722)

Error: (08/17/2016 07:02:57 AM) (Source: Application Virtualization Client) (EventID: 3001) (User: )
Description: {tid=17FC}
GetKeyValues failed. Most likely the key names are incorrect, or you provide wrong number of keys.

Error: (08/17/2016 07:02:57 AM) (Source: Application Virtualization Client) (EventID: 3001) (User: )
Description: {tid=17FC}
GetKeyValues failed. Most likely the key names are incorrect, or you provide wrong number of keys.

Error: (08/17/2016 07:02:40 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: ZARZĄDZANIE NT)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/17/2016 07:01:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: ZARZĄDZANIE NT)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


Dziennik System:
=============
Error: (08/17/2016 07:13:03 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:03 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:03 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:03 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:03 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:02 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:02 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:02 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:02 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)

Error: (08/17/2016 07:13:02 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)


CodeIntegrity:
===================================
  Date: 2014-07-21 08:02:31.767
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-21 08:02:29.035
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Statystyki pamięci =========================== 

Procesor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Procent pamięci w użyciu: 44%
Całkowita pamięć fizyczna: 7895.65 MB
Dostępna pamięć fizyczna: 4395.56 MB
Całkowita pamięć wirtualna: 15789.49 MB
Dostępna pamięć wirtualna: 12448.77 MB

==================== Dyski ================================

Drive c: (CEDS) (Fixed) (Total:118.95 GB) (Free:22.49 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 0054C119)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

==================== Koniec  Addition.txt ============================